Shostack + Friends Blog


Worthwhile Books Q2 2023

Books that I read in the second quarter that are worth your time include two memoirs, a great book on the security of ML, and more!


  • Space Rogue: How the Hackers Known as the L0pht Changed the World, Cris Thomas (aka Space Rogue) was a page-turner and a fun stroll down memory lane. Fortunately he’s forgotten how my first startup tried and failed to license L0phtCrack.
  • Password (Object Lessons series), Martin Eve. A short book reflecting on the history of thinking about passwords, treating the secret knowledge of how to solve the labyrinth as password adjacent. Lovely and fun.
  • A Hacker’s Mind, Bruce Schneier. Interesting thesis around the use of power, and how power allows people to twist (“hack”) the rules of systems.
  • Project Zero Trust, George Finney. A didactic story of how a business rolls out zero-trust, in the model of The Goal or The Phoenix Project.
  • The Fifth Domain, Richard Clarke and Rob Knake. (Re-read). A very solid broad view of the cybersecurity landscape, why it matters, and what we can do to improve things, from two folks who've worked for many administrations.
  • Not With a Bug, But with A Sticker, Ram Shankar Siva Kumar and Hyrum Anderson. A highly readable overview of the state of attacks on machine learning systems. The book orients around what can be done more than the technical details of how. (I gave it 5 stars on Amazon; my publisher sent me an e-book and I bought the hardcover.)


  • Creating the Twentieth Century: Technical Innovations of 1867-1914 and Their Lasting Impact, Vaclav Smil. A fascinating history. Smil makes the case that almost everything that defined the last century was invented in a roughly 50 year period starting in 1867. His (2005) argument that the computer doesn’t matter is looking somewhat, but not exceptionally, dated. Smil’s writing is not the most fluid, which I say not as a criticism but a heads-up.
  • The Art of Writing Technical Books, Peter Gregory. A technical manual for writers of technical books. Lots of good advice, some of which I’d learned at the school of hard knocks, some of which led me to restructure my book template directory.
  • A Fish Has No Word for Water, Violet Blue. A memoir of growing up in a very different San Francisco. This was a challenging read because of what she’s lived through, but worthwhile and reminded me just how much San Francisco has changed since I first visited.
  • The New Science of Strong Materials, J.E. Gordon. Wonderfully readable summation of the science of strong materials, at least as the state of the art existed 50 years ago. Required reading before you can be minted as an expert on carbon fiber.


  • Light from Uncommon Stars by Ryka Aoki is the joyful story of a runaway trans violinist, her teacher, who happens to have sold the souls of her students to hell, and the aliens who run the local donut shop.

Also, I remembered to publish the sample chapter for Threats, and still have times available for my virtual book tour. The way it works is an organization buys a reasonable number of books, and I show up for a reading via your favorite meeting tool. If you're interested, contact us.

Image by Midjourney: a pile of books, watercolor, renoir, with a greenish theme, reminiscent of plants --ar 8:3. If you’re paying attention to these, note the very strong allusion to handwritten captions, memorized somewhere.